0b287690b08e375d104cd6c359a388e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b287690b08e375d104cd6c359a388e7_JaffaCakes118
Size

812KB
MD5

0b287690b08e375d104cd6c359a388e7
SHA1

64555f17c1369d7ffe1f8b208defa6a974d390f5
SHA256

b79a51596642889cf7cd45c529531466473dbd8741ed4903dea226f55d72a347
SHA512

5b2c37ec301964b5ca98f4fe6fbf755d58530992bfa60d3ee1b2afa3e4c31c5b038ca30a96dff607c81f8fce765272f9367ab8883f078bb923df43823cb00796
SSDEEP

12288:/ITzhV6DS/wBmPdQuUM1ILizDKsyiwZZ6QNJdUNYvi5NI6yjPqHhZ:kzhkDUFQuUMfK1CQ/dUNYv6+6wP0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b287690b08e375d104cd6c359a388e7_JaffaCakes118

Files

0b287690b08e375d104cd6c359a388e7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d5e538bfbc2e4bbc8622c7133388453

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetMenuItemInfoA
SetUserObjectInformationW
GetMenuContextHelpId
ReplyMessage
wvsprintfA
ShowWindow
GetDlgItem
GetMessageA
AttachThreadInput
WindowFromDC
SetMenuItemInfoW
wsprintfW
CallMsgFilter
ChangeMenuA
GetTaskmanWindow
LoadStringW
OffsetRect
SetShellWindowEx
ScrollWindow
LoadMenuIndirectW
CheckRadioButton
CheckMenuRadioItem
MBToWCSEx
CreateSystemThreads
ArrangeIconicWindows
DialogBoxParamW
GetLastInputInfo
FrameRect
DefRawInputProc
GetAncestor
DrawCaptionTempA
ScrollWindowEx
GetAppCompatFlags2
EnableWindow
CharUpperW

duser

SetGadgetProperty
SetGadgetFocus
DUserSendEvent
GetGadgetRect
UtilGetColor
SetGadgetCenterPoint
GetGadgetBufferInfo
InvalidateGadget
DUserPostEvent
IsGadgetParentChainStyle
FireGadgetMessages
FindGadgetFromPoint
GetMessageExW
SetGadgetMessageFilter
DUserDeleteGadget
UtilDrawOutlineRect
RegisterGadgetProperty
PeekMessageExA
GetGadgetFocus
DrawGadgetTree
GetGadgetScale
GetStdColorBrushF
DUserBuildGadget
DUserGetRotatePRID
UnregisterGadgetProperty
AttachWndProcW
GetGadgetSize
AttachWndProcA
GetGadgetStyle
UtilBuildFont
DUserFindClass

mapistub

EnableIdleRoutine@8
MAPIInitialize
HrSetOneProp@8
FBadColumnSet@4
GetTnefStreamCodepage@12
HrComposeEID@28
FBadRglpszA@8
FixMAPI@0
IsBadBoundedStringPtr@8
MAPIOpenFormMgr@8
HrQueryAllRows@24
SzFindSz@8
__CPPValidateParameters@8
FGetComponentPath@20
UNKOBJ_ScCOAllocate@12
HrGetOmiProvidersFlags@8
ScCreateConversationIndex@16
MNLS_lstrcpyW@8
DeregisterIdleRoutine@4
RTFSync
MAPIAdminProfiles
MAPIResolveName
WrapProgress@20
UlRelease@4
OpenTnefStream@28
BuildDisplayTable@40
PpropFindProp@12
cmc_look_up

kernel32

CreateActCtxW
FillConsoleOutputCharacterA
OutputDebugStringA
FoldStringW
OpenFileMappingW
SetFirmwareEnvironmentVariableA
GetConsoleFontInfo
GetEnvironmentStringsA
SetUnhandledExceptionFilter
CreateRemoteThread
RegisterWowBaseHandlers
GetUserDefaultLangID
SetCalendarInfoW
ReadProcessMemory
SetClientTimeZoneInformation
IsDebuggerPresent
IsValidCodePage
AllocConsole
GetDiskFreeSpaceA
GetConsoleCursorInfo
GetVolumeNameForVolumeMountPointA
VirtualAlloc
SetComputerNameA
SetTermsrvAppInstallMode
BackupRead
LoadLibraryA
GetShortPathNameA
HeapLock
LockResource
GetExitCodeProcess
DeleteVolumeMountPointW

Sections

.text
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d5e538bfbc2e4bbc8622c7133388453

Headers

DLL Characteristics

File Characteristics

Imports

user32

duser

mapistub

kernel32

Sections

.text Size: 395KB - Virtual size: 395KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 154KB - Virtual size: 1.5MB

.rsrc Size: 148KB - Virtual size: 147KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 395KB - Virtual size: 395KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 154KB - Virtual size: 1.5MB

.rsrc
Size: 148KB - Virtual size: 147KB

.reloc
Size: 1KB - Virtual size: 1KB